#2257: moved config tests into its own directory + added dmz_network.yaml to use in tests

Czar Echavez
2024-02-12 18:58:10 +00:00
parent 7beacfd95f
commit 2c743005cd
5 changed files with 295 additions and 0 deletions


@@ -1,3 +1,10 @@
# Basic Switched network
#
# -------------- -------------- --------------
# | client_1 |------| switch_1 |------| client_2 |
# -------------- -------------- --------------
#
training_config:
rl_framework: SB3
rl_algorithm: PPO


@@ -0,0 +1,230 @@
# Network with DMZ
#
# An example network configuration with an internal network, a DMZ network and a couple of external networks.
#
# ............................................................................
# . .
# . Internal Network .
# . .
# . -------------- -------------- -------------- .
# . | client_1 |------| switch_1 |------| router_1 | .
# . -------------- -------------- -------------- .
# . (Computer) | .
# ......................................................|.....................
# |
# |
# ......................................................|.....................
# . | .
# . DMZ Network | .
# . | .
# . -------------- -------------- -------------- .
# . | client_2 |------| switch_2 |------| router_2 | .
# . -------------- -------------- -------------- .
# . (Computer) | .
# ......................................................|.....................
# |
# External Network |
# |
# |
# ----------------------- -------------- ---------------------
# | external_computer |------| switch_3 |------| external_server |
# ----------------------- -------------- ---------------------
#
training_config:
rl_framework: SB3
rl_algorithm: PPO
seed: 333
n_learn_episodes: 1
n_eval_episodes: 5
max_steps_per_episode: 128
deterministic_eval: false
n_agents: 1
agent_references:
- defender
io_settings:
save_checkpoints: true
checkpoint_interval: 5
save_step_metadata: false
save_pcap_logs: true
save_sys_logs: true
game:
max_episode_length: 256
ports:
- ARP
- DNS
- HTTP
- POSTGRES_SERVER
protocols:
- ICMP
- TCP
- UDP
agents:
- ref: client_2_green_user
team: GREEN
type: GreenWebBrowsingAgent
observation_space:
type: UC2GreenObservation
action_space:
action_list:
- type: DONOTHING
- type: NODE_APPLICATION_EXECUTE
options:
nodes:
- node_name: client_2
applications:
- application_name: WebBrowser
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
max_applications_per_node: 1
reward_function:
reward_components:
- type: DUMMY
agent_settings:
start_settings:
start_step: 5
frequency: 4
variance: 3
simulation:
network:
nodes:
- ref: client_1
type: computer
hostname: client_1
ip_address: 192.168.0.10
subnet_mask: 255.255.255.0
default_gateway: 192.168.0.1
dns_server: 192.168.20.10
- ref: switch_1
type: switch
hostname: switch_1
num_ports: 8
- ref: router_1
type: router
hostname: router_1
num_ports: 5
ports:
1:
ip_address: 192.168.0.1
subnet_mask: 255.255.255.0
2:
ip_address: 192.168.1.1
subnet_mask: 255.255.255.0
acl:
22:
action: PERMIT
src_port: ARP
dst_port: ARP
23:
action: PERMIT
protocol: ICMP
- ref: client_2
type: computer
hostname: client_2
ip_address: 192.168.10.10
subnet_mask: 255.255.255.0
default_gateway: 192.168.10.1
dns_server: 192.168.20.10
- ref: switch_2
type: switch
hostname: switch_2
num_ports: 8
- ref: router_2
type: router
hostname: router_2
num_ports: 5
ports:
1:
ip_address: 192.168.10.1
subnet_mask: 255.255.255.0
2:
ip_address: 192.168.11.1
subnet_mask: 255.255.255.0
3:
ip_address: 192.168.20.1
subnet_mask: 255.255.255.0
acl:
22:
action: PERMIT
src_port: ARP
dst_port: ARP
23:
action: PERMIT
protocol: ICMP
- ref: switch_3
type: switch
hostname: switch_3
num_ports: 8
- ref: external_computer
type: computer
hostname: external_computer
ip_address: 192.168.20.10
subnet_mask: 255.255.255.0
default_gateway: 192.168.20.1
dns_server: 192.168.20.10
- ref: external_server
type: server
hostname: external_server
ip_address: 192.168.20.10
subnet_mask: 255.255.255.0
default_gateway: 192.168.20.1
services:
- ref: domain_controller_dns_server
type: DNSServer
links:
- ref: client_1___switch_1
endpoint_a_ref: client_1
endpoint_a_port: 1
endpoint_b_ref: switch_1
endpoint_b_port: 1
- ref: router_1___switch_1
endpoint_a_ref: router_1
endpoint_a_port: 1
endpoint_b_ref: switch_1
endpoint_b_port: 8
- ref: router_1___router_2
endpoint_a_ref: router_1
endpoint_a_port: 2
endpoint_b_ref: router_2
endpoint_b_port: 2
- ref: router_2___switch_2
endpoint_a_ref: router_2
endpoint_a_port: 1
endpoint_b_ref: switch_2
endpoint_b_port: 8
- ref: client_2___switch_2
endpoint_a_ref: client_2
endpoint_a_port: 1
endpoint_b_ref: switch_2
endpoint_b_port: 1
- ref: router_2___switch_3
endpoint_a_ref: router_2
endpoint_a_port: 3
endpoint_b_ref: switch_3
endpoint_b_port: 8
- ref: external_computer___switch_3
endpoint_a_ref: external_computer
endpoint_a_port: 1
endpoint_b_ref: switch_3
endpoint_b_port: 1
- ref: external_server___switch_3
endpoint_a_ref: external_server
endpoint_a_port: 1
endpoint_b_ref: switch_3
endpoint_b_port: 2
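Review bot: `external_computer` and `external_server` are both given `ip_address: 192.168.20.10` on the same /24 behind switch_3, so the external segment has an address conflict and the `dns_server: 192.168.20.10` entries are ambiguous about which host they reach. Only external_server runs the DNSServer service, so external_computer should get its own address, e.g. `ip_address: 192.168.20.11`. The inter-router link also looks inconsistent: router_1 port 2 is `192.168.1.1`, while router_2 port 2, which `router_1___router_2` connects to it, is `192.168.11.1`, so the two ends of one link sit in different /24 networks. Both ACLs permit only ARP and ICMP; if the router applies a default deny (not visible here), the green agent's WebBrowser and DNS traffic will not pass, so a comment in the file should state whether that is intended.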


@@ -0,0 +1,58 @@
from pathlib import Path
from typing import Union
import yaml
from primaite.game.game import PrimaiteGame
from primaite.simulator.network.container import Network
from tests import TEST_ASSETS_ROOT
DMZ_NETWORK = TEST_ASSETS_ROOT / "configs/dmz_network.yaml"
def load_config(config_path: Union[str, Path]) -> PrimaiteGame:
"""Returns a PrimaiteGame object which loads the contents of a given yaml path."""
with open(config_path, "r") as f:
cfg = yaml.safe_load(f)
return PrimaiteGame.from_config(cfg)
def test_dmz_config():
"""Test that the DMZ network config can be parsed properly."""
game = load_config(DMZ_NETWORK)
network: Network = game.simulation.network
assert len(network.nodes) == 9 # 9 nodes in network
assert len(network.routers) == 2 # 2 routers in network
assert len(network.switches) == 3 # 3 switches in network
assert len(network.servers) == 1 # 1 server in network
def test_router_routes_are_correctly_added():
"""Test that makes sure that router routes have been added from the configuration file."""
pass
def test_firewall_node_added_to_network():
"""Test that the firewall has been correctly added to and configured in the network."""
pass
def test_router_acl_rules_correctly_added():
"""Test that makes sure that the router ACLs have been configured onto the router node via configuration file."""
pass
def test_firewall_routes_are_correctly_added():
"""Test that the firewall routes have been correctly added to and configured in the network."""
pass
def test_firewall_acl_rules_correctly_added():
"""
Test that makes sure that the firewall ACLs have been configured onto the firewall
node via configuration file.
"""
pass
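Review bot: The five tests from `test_router_routes_are_correctly_added` to `test_firewall_acl_rules_correctly_added` consist only of `pass`, so they report success without checking anything, and a loader that silently dropped the router ACL entries would still produce a green run. Until they are implemented, mark them so the gap is visible in the test report, e.g. `@pytest.mark.skip(reason="not implemented yet")` above each one, with `import pytest` at the top. The firewall tests also have no counterpart in dmz_network.yaml as shown in this commit, which defines no firewall node. `test_dmz_config` checks only node counts; asserting the ACL entries at positions 22 and 23 on each router would tie the test to the security-relevant part of the config.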